-
Notifications
You must be signed in to change notification settings - Fork 38
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Item12952: many changes for new confgure architecture
- Loading branch information
crawford
committed
Aug 27, 2014
1 parent
81475ce
commit 2d50dfc
Showing
6 changed files
with
793 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,79 @@ | ||
| # See bottom of file for license and copyright information | ||
| package Foswiki::Configure::Wizards::GuessSSLCaLocations; | ||
|
|
||
| =begin TML | ||
| ---++ package Foswiki::Configure::Wizards::GuessSSLCaLocations | ||
| Wizard to guess the locations of SSL Certificate files. | ||
| =cut | ||
|
|
||
| use strict; | ||
| use warnings; | ||
|
|
||
| use Foswiki::Configure::Wizard (); | ||
| our @ISA = ('Foswiki::Configure::Wizard'); | ||
|
|
||
| # WIZARD | ||
| sub guess { | ||
| my ( $this, $reporter ) = @_; | ||
|
|
||
| # See if we can use LWP or Crypt::SSLEay's defaults | ||
|
|
||
| my ( $file, $path ) = @ENV{qw/PERL_LWP_SSL_CA_FILE PERL_LWP_SSL_CA_PATH/}; | ||
| my $guessed = 0; | ||
| if ( $file || $path ) { | ||
| $reporter->NOTE("Guessed from LWP settings"); | ||
| $guessed = 1; | ||
| } | ||
| else { | ||
| ( $file, $path ) = @ENV{qw/HTTPS_CA_FILE HTTPS_CA_DIR/}; | ||
| if ( $file || $path ) { | ||
| $reporter->NOTE("Guessed from Crypt::SSLEay's settings"); | ||
| $guessed = 1; | ||
| } | ||
| else { | ||
| if ( eval 'require Mozilla::CA;' ) { | ||
| $file = Mozilla::CA::SSL_ca_file(); | ||
| if ($file) { | ||
| $reporter->NOTE("Obtained from Mozilla::CA"); | ||
| $guessed = 1; | ||
| } | ||
| else { | ||
| $reporter->ERROR( | ||
| "Mozilla::CA is installed but has no file"); | ||
| } | ||
| } | ||
| } | ||
| } | ||
| if ($guessed) { | ||
| $reporter->WARN(Foswiki::Configure::Checker::GUESSED_MESSAGE); | ||
| $Foswiki::cfg{Email}{SSLCaFile} = $file || ''; | ||
| $reporter->CHANGED('{Email}{SSLCaFile}'); | ||
| $Foswiki::cfg{Email}{SSLCaPath} = $path || ''; | ||
| $reporter->CHANGED('{Email}{SSLCaPath}'); | ||
| return 1; | ||
| } | ||
| } | ||
|
|
||
| 1; | ||
|
|
||
| __END__ | ||
| Foswiki - The Free and Open Source Wiki, http://foswiki.org/ | ||
| Copyright (C) 2014 Foswiki Contributors. Foswiki Contributors | ||
| are listed in the AUTHORS file in the root of this distribution. | ||
| NOTE: Please extend that file, not this notice. | ||
| This program is free software; you can redistribute it and/or | ||
| modify it under the terms of the GNU General Public License | ||
| as published by the Free Software Foundation; either version 2 | ||
| of the License, or (at your option) any later version. For | ||
| more details read LICENSE in the root of this distribution. | ||
| This program is distributed in the hope that it will be useful, | ||
| but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||
| As per the GPL, removal of this notice is prohibited. |
114 changes: 114 additions & 0 deletions
114
core/lib/Foswiki/Configure/Wizards/InstallCertificate.pm
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,114 @@ | ||
| package Foswiki::Configure::Wizards::InstallCertificate; | ||
|
|
||
| =begin TML | ||
| ---++ package Foswiki::Configure::Wizards::InstallCertificate | ||
| Wizard to install SSL Certificate files. | ||
| =cut | ||
|
|
||
| use strict; | ||
| use warnings; | ||
|
|
||
| use Foswiki::Configure::Wizard (); | ||
| our @ISA = ('Foswiki::Configure::Wizard'); | ||
|
|
||
| # Accepts the query parameters: | ||
| # * certificate - which must contain the text of a certificate | ||
| # to be installed. | ||
| # * password - which must contain the password to be used with the certificate | ||
| sub execute { | ||
| my ( $this, $reporter ) = @_; | ||
|
|
||
| my $certfile = '$Foswiki::cfg{DataDir}' . "/SmimeCertificate.pem"; | ||
| Foswiki::Configure::Load::expandValue($certfile); | ||
| my $keyfile = '$Foswiki::cfg{DataDir}' . "/SmimePrivateKey.pem"; | ||
| Foswiki::Configure::Load::expandValue($keyfile); | ||
|
|
||
| return $reporter->ERROR("No pending Certificate request") | ||
| unless ( -r "$certfile.csr" && -r "$keyfile.csr" ); | ||
|
|
||
| my $data = $this->param("certificate") || ''; | ||
|
|
||
| $data = join( | ||
| "\n", | ||
| map { | ||
| /^-----BEGIN CERTIFICATE-----/ ... /^-----END CERTIFICATE-----/ | ||
| ? ($_) | ||
| : () | ||
| } ( split( /\r?\n/, $data ), '-----END CERTIFICATE-----' ) | ||
| ); | ||
|
|
||
| $data =~ tr,A-Za-z0-9+=/\r\n \t-,,cd; | ||
| $data =~ m/\A(.*)\z/ms; | ||
| $data = $1; | ||
|
|
||
| return $reporter->ERROR("No certificate present") | ||
| unless ( defined $data | ||
| && $data =~ /^-----BEGIN CERTIFICATE-----/m | ||
| && $data =~ /^-----END CERTIFICATE-----/m ); | ||
|
|
||
| my $output; | ||
| { | ||
| no warnings 'exec'; | ||
|
|
||
| $output = `openssl x509 -text 2>&1 <<~~~EOF--- | ||
| $data | ||
| ~~~EOF--- | ||
| `; | ||
| } | ||
| if ($?) { | ||
| return $reporter->ERROR( | ||
| "Operation failed" . ( $? == -1 ? " (No openssl: $!)" : '' ) ); | ||
| } | ||
|
|
||
| if ( $Foswiki::cfg{Email}{SmimeCertificateFile} ) { | ||
| return $reporter->ERROR( | ||
| "This appears to be a valid certificate, but a certificate file has been specified, so loading this certificate isn't useful. Remove the specification in {Email}{SmimeCertificateFile} if you want to load this certificate, or point it to the correct file." | ||
| ); | ||
| } | ||
|
|
||
| my $f; | ||
| unless ( open( $f, '>', $certfile ) ) { | ||
| return $reporter->ERROR("Unable to open $certfile: $!"); | ||
| } | ||
| print $f $data; | ||
| close $f or return $reporter->ERROR("Failed to write $certfile: $!"); | ||
|
|
||
| $reporter->NOTE("$certfile written."); | ||
|
|
||
| unlink($keyfile); | ||
| rename( "$keyfile.csr", "$keyfile" ) | ||
| or return $reporter->ERROR("Unable to install private key: $!"); | ||
| $reporter - . NOTE("$keyfile updated."); | ||
|
|
||
| $Foswiki::cfg{Email}{SmimeKeyPassword} = $this->param('password'); | ||
| $reporter->CHANGED('{Email}{SmimeKeyPassword}'); | ||
|
|
||
| unlink("$certfile.csr") | ||
| or $reporter->ERROR("Can't delete $certfile.csr: $!"); | ||
|
|
||
| return 1; | ||
| } | ||
|
|
||
| 1; | ||
|
|
||
| __END__ | ||
| Foswiki - The Free and Open Source Wiki, http://foswiki.org/ | ||
| Copyright (C) 2014 Foswiki Contributors. Foswiki Contributors | ||
| are listed in the AUTHORS file in the root of this distribution. | ||
| NOTE: Please extend that file, not this notice. | ||
| This program is free software; you can redistribute it and/or | ||
| modify it under the terms of the GNU General Public License | ||
| as published by the Free Software Foundation; either version 2 | ||
| of the License, or (at your option) any later version. For | ||
| more details read LICENSE in the root of this distribution. | ||
| This program is distributed in the hope that it will be useful, | ||
| but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||
| As per the GPL, removal of this notice is prohibited. |
Oops, something went wrong.